Washington, D.C. - The Electronic Frontier Foundation (EFF) today asked the Federal Trade Commission (FTC) to investigate America Online (AOL) and require changes in its privacy practices, after the company recently released search history logs that exposed the private lives of more than a half-million of its customers.

Last week, news reports revealed that AOL published to the Internet three months of search queries from about 650,000 users. In its complaint, EFF argues that the release of this data violated AOL's privacy policy and the Federal Trade Commission Act and should be investigated. EFF further requests that the FTC require AOL to notify customers affected by the disclosure and to stop logging search data except where absolutely necessary.

"Search terms can expose the most intimate details of a person's life -- private information about your family problems, your medical history, your financial situation, your political and religious beliefs, your sexual preferences, and much more," said EFF Staff Attorney Marcia Hofmann. "At the very least, AOL should notify every customer whose privacy has been jeopardized by the company's careless handling of this incredibly private information, and AOL should not store this kind of data in the future when it doesn't have to."

While AOL has removed the data from its own web site, the data is still freely available from other sites on the Internet. And although specific AOL screen names were not released, the data is associated with unique ID numbers, allowing each user's search terms to be grouped together. Whether because of users' searches for their own names or MySpace profiles, or searches related to their cities and neighborhoods, these search histories can expose -- and in some cases, already have exposed -- particular users' private searches to the world. In support of its complaint, EFF confidentially submitted examples of search queries containing personally identifiable information and search histories that could likely be tied to particular AOL subscribers.

"We've asked the FTC to make sure that AOL rectifies the damage that's been done and improve its privacy protections for the future," said EFF Staff Attorney Kevin Bankston. "But this problem isn't limited to AOL -- every search company stores this kind of data. Hopefully, AOL's shocking violation of its users' privacy will spur Congress to clarify that the same law that prevents these companies from disclosing our personal emails also applies to our search logs."

Related Updates

The full weight of U.S. policing has descended upon protesters across the country as people take to the streets to denounce the police killings of Breonna Taylor, George Floyd, and countless others who have been subjected to police violence. Along with riot shields, tear gas, and other crowd control...

Your phone is your life. It’s where you communicate, get your news, take pictures and videos of your loved ones, relax and play games, and find a significant other. It can track your health, give you directions, remind you of events, and much more. It’s an incredibly helpful tool, but...

EFF has joined a broad coalition of civil liberties, civil rights, and labor advocates to oppose A.B. 2261, which threatens to normalize the increased use of face surveillance of Californians where they live and work. Our allies include the ACLU of California, Oakland Privacy, the California Employment Lawyers Association, Service...

In the wake of nationwide protests against the police killings of George Floyd and Breonna Taylor, we urge protestors to stay safe, both physically and digitally. Our Surveillance Self Defense (SSD) Guide on attending a protest offers practical tips on how to maintain your privacy and minimize your digital...

With states beginning to ease shelter-in-place restrictions, the conversation on COVID-19 has turned to questions of when and how we can return to work, take kids to school, or plan air travel.Several countries and U.S. states, including the UK, Italy, Chile, Germany, and California, have expressed interest in...

When it comes to surveillance of our online lives, Internet service providers (ISPs) are some of the worst offenders. Last year, the state of Maine passed a law targeted at the harms ISPs do to their customers when they use and sell their personal information. Now that law is...

COVID-19, and containment efforts that rely on personal data, are shining a spotlight on a longstanding problem: our nation’s lack of sufficient laws to protect data privacy. Two bills before Congress attempt to solve this problem as to COVID-19 data. One is a good start that needs improvements. The other...

In a landmark decision, the German Constitutional Court has ruled that mass surveillance of telecommunications outside of Germany conducted on foreign nationals is unconstitutional. Thanks to the chief legal counsel, Gesellschaft für Freiheitsrechte (GFF), this a major victory for global civil liberties, but especially those that live and...